CBSE's on-screen marking used outdated certificates, exposing student data risks
CBSE's On-Screen Marking (OSM) platform, which was accepted as safe to process close to 10 million student answer scripts and used for evaluating answer books plus post-result services, has landed in trouble for running on outdated and irrelevant cybersecurity certificates.
The board used two certificates from a tech vendor, one meant for a different university and another covering a temporary application version tested against BPUT's exam domain and a pre-production staging URL, which shouldn't have been used for actual student data.
This slip-up is raising serious questions about how well student information was protected.
CBSE procurement process under investigation
Between February and May 2026, the OSM system had major security gaps that left sensitive details of students and evaluators vulnerable.
Investigators even found an easy-to-exploit bug that could give access to private records and passwords.
Experts say these certificates failed to catch obvious risks.
Now, CBSE's procurement process is under investigation as concerns grow about keeping student information safe.